cvelistv5 - CVE-2021-31159

CVE-2021-31159

Vulnerability from cvelistv5

Published

2021-06-16 12:51

Modified

2024-08-03 22:48

Severity ?

Summary

Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732.

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html	Exploit, Third Party Advisory, VDB Entry
cve@mitre.org	https://github.com/ricardojoserf/CVE-2021-31159	Exploit, Third Party Advisory
cve@mitre.org	https://www.manageengine.com	Product
cve@mitre.org	https://www.manageengine.com/products/service-desk-msp/readme.html#10519	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://github.com/ricardojoserf/CVE-2021-31159	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.manageengine.com	Product
af854a3a-2127-422b-91ae-364da2661108	https://www.manageengine.com/products/service-desk-msp/readme.html#10519	Release Notes, Vendor Advisory

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:48:14.309Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.manageengine.com"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.manageengine.com/products/service-desk-msp/readme.html#10519"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/ricardojoserf/CVE-2021-31159"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-25T14:43:30",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.manageengine.com"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.manageengine.com/products/service-desk-msp/readme.html#10519"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ricardojoserf/CVE-2021-31159"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-31159",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.manageengine.com",
              "refsource": "MISC",
              "url": "https://www.manageengine.com"
            },
            {
              "name": "https://www.manageengine.com/products/service-desk-msp/readme.html#10519",
              "refsource": "CONFIRM",
              "url": "https://www.manageengine.com/products/service-desk-msp/readme.html#10519"
            },
            {
              "name": "http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html"
            },
            {
              "name": "https://github.com/ricardojoserf/CVE-2021-31159",
              "refsource": "MISC",
              "url": "https://github.com/ricardojoserf/CVE-2021-31159"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-31159",
    "datePublished": "2021-06-16T12:51:13",
    "dateReserved": "2021-04-14T00:00:00",
    "dateUpdated": "2024-08-03T22:48:14.309Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-31159\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2021-06-16T13:15:11.890\",\"lastModified\":\"2024-11-21T06:05:12.287\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732.\"},{\"lang\":\"es\",\"value\":\"Zoho ManageEngine ServiceDesk Plus MSP versiones anteriores a 10519 es vulnerable a un bug de Enumeraci\u00f3n de Usuarios debido a la generaci\u00f3n inapropiada de mensajes de error en la funcionalidad Forgot Password, tambi\u00e9n se conoce como SDPMSP-15732\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-209\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0\",\"versionEndIncluding\":\"9.4\",\"matchCriteriaId\":\"0B4B5EF3-FA74-400F-B7F8-3A078686FD96\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10500:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BA242DB-20DE-4C22-9EEC-E8DF5C2D8260\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10501:*:*:*:*:*:*\",\"matchCriteriaId\":\"860EBABC-B252-4C73-97C6-57A67ED94492\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10502:*:*:*:*:*:*\",\"matchCriteriaId\":\"71E4F529-B091-4565-B024-185174483A70\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10503:*:*:*:*:*:*\",\"matchCriteriaId\":\"FADCF801-93E0-430B-BD14-092ACE960D05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10504:*:*:*:*:*:*\",\"matchCriteriaId\":\"97CD568D-AF18-42E7-8357-9AE2B279BEE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10505:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EB715EE-313B-4D62-A345-C4F7EB7C3DED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10506:*:*:*:*:*:*\",\"matchCriteriaId\":\"B965016B-7584-4661-A8F3-C8EA3DB1E94C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10507:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCF7199B-A66E-425B-9614-D8256C4C828D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10508:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F583C7-CB76-430A-A7AC-F3E727E0A26D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10509:*:*:*:*:*:*\",\"matchCriteriaId\":\"F33A3E84-F73B-4797-8A97-3F10F77BD631\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10510:*:*:*:*:*:*\",\"matchCriteriaId\":\"724284CA-51FE-46E8-B90E-99C53615901B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10511:*:*:*:*:*:*\",\"matchCriteriaId\":\"8342A66C-4C0B-4FAE-987A-276CE126724B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10512:*:*:*:*:*:*\",\"matchCriteriaId\":\"39C638A3-C8A1-4C2A-9B8F-39339F5674CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10513:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BB0CD9F-5459-44A7-9AD1-A70D3208369B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10514:*:*:*:*:*:*\",\"matchCriteriaId\":\"7399A6B2-B0F2-4898-AC04-E50B508EA495\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10515:*:*:*:*:*:*\",\"matchCriteriaId\":\"7793C1AC-38FA-4B31-BB78-004A519DD4A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10516:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C30D050-4BDC-46E6-819E-49898AD56BFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10517:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB7D8E3B-30C3-44C5-90B7-561F4E09830E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10518:*:*:*:*:*:*\",\"matchCriteriaId\":\"33960952-4461-4502-A2B5-364E22C96824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8000:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDE43523-D7CB-478C-B9D4-2EE2528366C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8001:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9813904-4215-41BF-96EE-751C41DB5CB6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8002:*:*:*:*:*:*\",\"matchCriteriaId\":\"E49FA680-361B-4EC2-A64C-9695205B81BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8003:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8C93784-2E35-49F2-9A26-239A938F5071\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8004:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAD5E27F-F89F-42E2-9CE2-1E1CAAABCF72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8100:*:*:*:*:*:*\",\"matchCriteriaId\":\"5782173F-D5E8-4618-9F0E-51DA0A4E0690\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8101:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3486B9C-401F-4A35-B5C9-85DAEA8D0034\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8102:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1ABE733-61D4-4265-9EFD-E2FF546F11E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8103:*:*:*:*:*:*\",\"matchCriteriaId\":\"10902B3F-32C1-4119-843A-C98244C0AB4A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8104:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4638499-7F0B-4535-9EF6-A50F84BB584B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8105:*:*:*:*:*:*\",\"matchCriteriaId\":\"CFA362F1-36BE-4982-8A1B-62A54C526FAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8200:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7D6C4A7-79D3-41B9-B738-02CDFD061509\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8201:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9350A7F-1119-4813-9A2E-1A3B4AB17B7C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8202:*:*:*:*:*:*\",\"matchCriteriaId\":\"3753C5C2-3136-446C-835F-E3B14619C494\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8203:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7E59504-3BC3-471B-BDC5-0C1675A542D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8204:*:*:*:*:*:*\",\"matchCriteriaId\":\"13A7411D-87B9-499B-A34A-CB0B2CFF7DB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8205:*:*:*:*:*:*\",\"matchCriteriaId\":\"435BCA89-34DF-4416-8E63-A72E39007384\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8206:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BAD7635-707D-43AA-9CA7-B3087BCEAE6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8207:*:*:*:*:*:*\",\"matchCriteriaId\":\"45513FFC-16AE-4253-998C-0CEA37BD613D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8208:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE39000F-0210-406F-8D2B-0A8022E3ECF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8209:*:*:*:*:*:*\",\"matchCriteriaId\":\"6315DC22-226C-4782-A132-07F099673218\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8210:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5AFA906-5FEF-4319-8F0F-E46844A2DA9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8211:*:*:*:*:*:*\",\"matchCriteriaId\":\"60CB1958-1D0E-4EAE-A9DB-0ADCB3750A8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8300:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D4BB788-23FB-4C17-B22A-2317D09307B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8301:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9BA2F35-FC7C-4712-AE48-6C5533511361\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8302:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F2600A-CAF3-49A9-B251-3C831BED42D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8303:*:*:*:*:*:*\",\"matchCriteriaId\":\"C984B69D-70B8-4CCC-AB18-DCEA7BFC12A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8304:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D105340-D249-4226-84FD-3A081CE9DCB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8305:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ECFB26A-FF48-47EC-BECA-928308EB82D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8306:*:*:*:*:*:*\",\"matchCriteriaId\":\"023A688E-17C7-4D87-9F35-BE441A7A6B00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8307:*:*:*:*:*:*\",\"matchCriteriaId\":\"028FF2C3-A660-4322-B9E5-5FB10AF13BFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8308:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0310BE0-E0D2-4F06-9AE9-7FCC7D057071\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8309:*:*:*:*:*:*\",\"matchCriteriaId\":\"B77DDA8B-1FF2-4383-9E08-FF490493AD6F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8310:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6572BF3-F187-474F-AFC5-39EA05E2B62C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8311:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4115EC3-7483-4C50-98C6-B5E8DEC76C88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8312:*:*:*:*:*:*\",\"matchCriteriaId\":\"BDCF1528-A720-4D73-9059-0262060DCD03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9000:*:*:*:*:*:*\",\"matchCriteriaId\":\"F397AEA2-88E4-4F4B-A506-E0CF4577A884\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9001:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE94ABB5-E6B1-42C5-AF2B-F2951328F024\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9002:*:*:*:*:*:*\",\"matchCriteriaId\":\"9966E66B-B3E2-49B0-8CBF-CA3A0458D20E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9003:*:*:*:*:*:*\",\"matchCriteriaId\":\"834F8534-4226-48A2-B415-995501650618\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9004:*:*:*:*:*:*\",\"matchCriteriaId\":\"31F1D452-4268-407B-B63B-59FE3EB046ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9005:*:*:*:*:*:*\",\"matchCriteriaId\":\"94A91595-4BA0-4CD2-BBED-9F42F65C632A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9006:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E7DAE62-8469-475F-82FE-164C1EDBC0A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9007:*:*:*:*:*:*\",\"matchCriteriaId\":\"CE512B2F-0834-441E-B7F4-E0E9F0A2DE0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9008:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE7595D0-856F-494D-8E3A-A02242A8D383\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9009:*:*:*:*:*:*\",\"matchCriteriaId\":\"91C388D3-2688-4ECB-B0B9-7611F9A52ACD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9201:*:*:*:*:*:*\",\"matchCriteriaId\":\"E912C9D7-7553-4974-B97C-F4AC2D0B3133\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9203:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AECEDD6-54EC-4541-939F-0C23F48F6781\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9204:*:*:*:*:*:*\",\"matchCriteriaId\":\"BBC170CE-1836-41BE-8326-D4F7808D58C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9205:*:*:*:*:*:*\",\"matchCriteriaId\":\"88C00B27-DE6C-4315-8948-3EB8640F0F10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9206:*:*:*:*:*:*\",\"matchCriteriaId\":\"811B1869-7E3D-4803-B6CC-F3813CF2D402\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9207:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F13C8B4-2290-4E4E-B3E8-F75A42D0EDE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9208:*:*:*:*:*:*\",\"matchCriteriaId\":\"071A7E8D-8F02-438A-81BD-EB11D0C286DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9209:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3138227-61F5-44B9-8F93-AC691789F07F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9210:*:*:*:*:*:*\",\"matchCriteriaId\":\"9920E9A3-D737-497F-B568-4262726013F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9300:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CCC051F-DB21-4066-AD6B-DDD26CD2B0D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9301:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3C50EDF-35AF-4576-AC5D-88E472582B1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9302:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0D2FEBF-A46E-42CE-92F8-ED8EC314374E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9303:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDE9FA5E-25BE-4F4B-B29B-D6526F2E4B6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9304:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A20173C-D413-45E5-A471-1AA72AF909C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9305:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DCFE06A-801E-46B3-8593-B9F9AA6F0779\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9306:*:*:*:*:*:*\",\"matchCriteriaId\":\"55117842-D507-445B-8AA4-1C04B9FC68D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9307:*:*:*:*:*:*\",\"matchCriteriaId\":\"143E3269-0869-40E8-B962-82C036A048AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9308:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE3A12DA-5B95-4AB4-A616-A7D1DE0D46F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9400:*:*:*:*:*:*\",\"matchCriteriaId\":\"57DC9260-6C3E-454F-B22E-7BB393867A55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9401:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAFD4B56-3DC6-497A-8545-BB0B8697657E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9402:*:*:*:*:*:*\",\"matchCriteriaId\":\"72328DE3-F889-4205-9DAC-270230C5205B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9403:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2B414B8-83B8-490D-BDEC-C52D8543A49E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9404:*:*:*:*:*:*\",\"matchCriteriaId\":\"426552F5-7152-428F-82DE-EF8F76FE1335\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9405:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7EFBD59-AD58-4F04-8373-E6D2885F3288\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9406:*:*:*:*:*:*\",\"matchCriteriaId\":\"33985D13-CE17-46D4-AF6C-B0D367EE3554\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9407:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7DB69E1-FCA2-4BB2-BBF3-5B8F14AA5F93\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9408:*:*:*:*:*:*\",\"matchCriteriaId\":\"00C3A7F0-46E3-4973-8644-7A01FB6BC30C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9409:*:*:*:*:*:*\",\"matchCriteriaId\":\"355BD39B-6851-4728-883C-CC3D74CD8325\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9410:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D59A697-4BCD-4287-B9F4-4B2A17DFD9AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9411:*:*:*:*:*:*\",\"matchCriteriaId\":\"F117B2FB-6C00-4828-B4D8-E20C6B1B3650\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9412:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDB5F6A9-8BE9-495D-B376-8ED135F5548B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9413:*:*:*:*:*:*\",\"matchCriteriaId\":\"59AA5B39-2920-43F0-8FF3-F5DC982193D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9414:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0ACCAFC-6F7C-4308-9400-52F235301E66\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9415:*:*:*:*:*:*\",\"matchCriteriaId\":\"708A8653-F792-45BD-83D9-20EDF059D944\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9416:*:*:*:*:*:*\",\"matchCriteriaId\":\"41547FE5-7429-41A4-ABB0-1C76EC7E9CC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9417:*:*:*:*:*:*\",\"matchCriteriaId\":\"7127E8DA-F563-4D75-AAD6-243D91019A23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9418:*:*:*:*:*:*\",\"matchCriteriaId\":\"246F2D39-E0CB-43CF-867D-2A8792F95230\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9419:*:*:*:*:*:*\",\"matchCriteriaId\":\"97BC20EC-7D36-4913-999A-5A32C320C97C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9420:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9214BCD-3538-464B-B2DD-DDB74359B288\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9421:*:*:*:*:*:*\",\"matchCriteriaId\":\"365B0574-FBE5-41EB-90B5-D6CD5AC636E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9422:*:*:*:*:*:*\",\"matchCriteriaId\":\"335B549D-4CDA-4656-A802-A3F9FE0AE842\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9423:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B700DF0-0CD8-4CE1-BAC6-74A7F660E2EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9424:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B6AE150-E531-41E0-A12F-F638B9969DCD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9425:*:*:*:*:*:*\",\"matchCriteriaId\":\"418F99FE-9BE8-45F2-B8BA-8A633B71370E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9426:*:*:*:*:*:*\",\"matchCriteriaId\":\"17EC0F67-3CCD-4C72-B092-5DB4B3BB6229\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9427:*:*:*:*:*:*\",\"matchCriteriaId\":\"71D28BB0-D675-4FF6-8EDD-86281C970411\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/ricardojoserf/CVE-2021-31159\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.manageengine.com\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://www.manageengine.com/products/service-desk-msp/readme.html#10519\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/ricardojoserf/CVE-2021-31159\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.manageengine.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://www.manageengine.com/products/service-desk-msp/readme.html#10519\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}"
  }
}

fkie_cve-2021-31159

Vulnerability from fkie_nvd

Published

2021-06-16 13:15

Modified

2024-11-21 06:05

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732.

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html	Exploit, Third Party Advisory, VDB Entry
cve@mitre.org	https://github.com/ricardojoserf/CVE-2021-31159	Exploit, Third Party Advisory
cve@mitre.org	https://www.manageengine.com	Product
cve@mitre.org	https://www.manageengine.com/products/service-desk-msp/readme.html#10519	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://github.com/ricardojoserf/CVE-2021-31159	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.manageengine.com	Product
af854a3a-2127-422b-91ae-364da2661108	https://www.manageengine.com/products/service-desk-msp/readme.html#10519	Release Notes, Vendor Advisory

Impacted products

Vendor	Product	Version
zohocorp	manageengine_servicedesk_plus_msp	*
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5
zohocorp	manageengine_servicedesk_plus_msp	10.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B4B5EF3-FA74-400F-B7F8-3A078686FD96",
              "versionEndIncluding": "9.4",
              "versionStartIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10500:*:*:*:*:*:*",
              "matchCriteriaId": "6BA242DB-20DE-4C22-9EEC-E8DF5C2D8260",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10501:*:*:*:*:*:*",
              "matchCriteriaId": "860EBABC-B252-4C73-97C6-57A67ED94492",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10502:*:*:*:*:*:*",
              "matchCriteriaId": "71E4F529-B091-4565-B024-185174483A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10503:*:*:*:*:*:*",
              "matchCriteriaId": "FADCF801-93E0-430B-BD14-092ACE960D05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10504:*:*:*:*:*:*",
              "matchCriteriaId": "97CD568D-AF18-42E7-8357-9AE2B279BEE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10505:*:*:*:*:*:*",
              "matchCriteriaId": "9EB715EE-313B-4D62-A345-C4F7EB7C3DED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10506:*:*:*:*:*:*",
              "matchCriteriaId": "B965016B-7584-4661-A8F3-C8EA3DB1E94C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10507:*:*:*:*:*:*",
              "matchCriteriaId": "DCF7199B-A66E-425B-9614-D8256C4C828D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10508:*:*:*:*:*:*",
              "matchCriteriaId": "81F583C7-CB76-430A-A7AC-F3E727E0A26D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10509:*:*:*:*:*:*",
              "matchCriteriaId": "F33A3E84-F73B-4797-8A97-3F10F77BD631",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10510:*:*:*:*:*:*",
              "matchCriteriaId": "724284CA-51FE-46E8-B90E-99C53615901B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10511:*:*:*:*:*:*",
              "matchCriteriaId": "8342A66C-4C0B-4FAE-987A-276CE126724B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10512:*:*:*:*:*:*",
              "matchCriteriaId": "39C638A3-C8A1-4C2A-9B8F-39339F5674CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10513:*:*:*:*:*:*",
              "matchCriteriaId": "7BB0CD9F-5459-44A7-9AD1-A70D3208369B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10514:*:*:*:*:*:*",
              "matchCriteriaId": "7399A6B2-B0F2-4898-AC04-E50B508EA495",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10515:*:*:*:*:*:*",
              "matchCriteriaId": "7793C1AC-38FA-4B31-BB78-004A519DD4A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10516:*:*:*:*:*:*",
              "matchCriteriaId": "7C30D050-4BDC-46E6-819E-49898AD56BFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10517:*:*:*:*:*:*",
              "matchCriteriaId": "AB7D8E3B-30C3-44C5-90B7-561F4E09830E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10518:*:*:*:*:*:*",
              "matchCriteriaId": "33960952-4461-4502-A2B5-364E22C96824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8000:*:*:*:*:*:*",
              "matchCriteriaId": "CDE43523-D7CB-478C-B9D4-2EE2528366C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8001:*:*:*:*:*:*",
              "matchCriteriaId": "F9813904-4215-41BF-96EE-751C41DB5CB6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8002:*:*:*:*:*:*",
              "matchCriteriaId": "E49FA680-361B-4EC2-A64C-9695205B81BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8003:*:*:*:*:*:*",
              "matchCriteriaId": "C8C93784-2E35-49F2-9A26-239A938F5071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8004:*:*:*:*:*:*",
              "matchCriteriaId": "CAD5E27F-F89F-42E2-9CE2-1E1CAAABCF72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8100:*:*:*:*:*:*",
              "matchCriteriaId": "5782173F-D5E8-4618-9F0E-51DA0A4E0690",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8101:*:*:*:*:*:*",
              "matchCriteriaId": "D3486B9C-401F-4A35-B5C9-85DAEA8D0034",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8102:*:*:*:*:*:*",
              "matchCriteriaId": "E1ABE733-61D4-4265-9EFD-E2FF546F11E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8103:*:*:*:*:*:*",
              "matchCriteriaId": "10902B3F-32C1-4119-843A-C98244C0AB4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8104:*:*:*:*:*:*",
              "matchCriteriaId": "D4638499-7F0B-4535-9EF6-A50F84BB584B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8105:*:*:*:*:*:*",
              "matchCriteriaId": "CFA362F1-36BE-4982-8A1B-62A54C526FAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8200:*:*:*:*:*:*",
              "matchCriteriaId": "E7D6C4A7-79D3-41B9-B738-02CDFD061509",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8201:*:*:*:*:*:*",
              "matchCriteriaId": "E9350A7F-1119-4813-9A2E-1A3B4AB17B7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8202:*:*:*:*:*:*",
              "matchCriteriaId": "3753C5C2-3136-446C-835F-E3B14619C494",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8203:*:*:*:*:*:*",
              "matchCriteriaId": "C7E59504-3BC3-471B-BDC5-0C1675A542D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8204:*:*:*:*:*:*",
              "matchCriteriaId": "13A7411D-87B9-499B-A34A-CB0B2CFF7DB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8205:*:*:*:*:*:*",
              "matchCriteriaId": "435BCA89-34DF-4416-8E63-A72E39007384",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8206:*:*:*:*:*:*",
              "matchCriteriaId": "1BAD7635-707D-43AA-9CA7-B3087BCEAE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8207:*:*:*:*:*:*",
              "matchCriteriaId": "45513FFC-16AE-4253-998C-0CEA37BD613D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8208:*:*:*:*:*:*",
              "matchCriteriaId": "DE39000F-0210-406F-8D2B-0A8022E3ECF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8209:*:*:*:*:*:*",
              "matchCriteriaId": "6315DC22-226C-4782-A132-07F099673218",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8210:*:*:*:*:*:*",
              "matchCriteriaId": "D5AFA906-5FEF-4319-8F0F-E46844A2DA9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8211:*:*:*:*:*:*",
              "matchCriteriaId": "60CB1958-1D0E-4EAE-A9DB-0ADCB3750A8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8300:*:*:*:*:*:*",
              "matchCriteriaId": "2D4BB788-23FB-4C17-B22A-2317D09307B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8301:*:*:*:*:*:*",
              "matchCriteriaId": "B9BA2F35-FC7C-4712-AE48-6C5533511361",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8302:*:*:*:*:*:*",
              "matchCriteriaId": "81F2600A-CAF3-49A9-B251-3C831BED42D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8303:*:*:*:*:*:*",
              "matchCriteriaId": "C984B69D-70B8-4CCC-AB18-DCEA7BFC12A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8304:*:*:*:*:*:*",
              "matchCriteriaId": "8D105340-D249-4226-84FD-3A081CE9DCB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8305:*:*:*:*:*:*",
              "matchCriteriaId": "5ECFB26A-FF48-47EC-BECA-928308EB82D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8306:*:*:*:*:*:*",
              "matchCriteriaId": "023A688E-17C7-4D87-9F35-BE441A7A6B00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8307:*:*:*:*:*:*",
              "matchCriteriaId": "028FF2C3-A660-4322-B9E5-5FB10AF13BFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8308:*:*:*:*:*:*",
              "matchCriteriaId": "E0310BE0-E0D2-4F06-9AE9-7FCC7D057071",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8309:*:*:*:*:*:*",
              "matchCriteriaId": "B77DDA8B-1FF2-4383-9E08-FF490493AD6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8310:*:*:*:*:*:*",
              "matchCriteriaId": "E6572BF3-F187-474F-AFC5-39EA05E2B62C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8311:*:*:*:*:*:*",
              "matchCriteriaId": "B4115EC3-7483-4C50-98C6-B5E8DEC76C88",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8312:*:*:*:*:*:*",
              "matchCriteriaId": "BDCF1528-A720-4D73-9059-0262060DCD03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9000:*:*:*:*:*:*",
              "matchCriteriaId": "F397AEA2-88E4-4F4B-A506-E0CF4577A884",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9001:*:*:*:*:*:*",
              "matchCriteriaId": "DE94ABB5-E6B1-42C5-AF2B-F2951328F024",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9002:*:*:*:*:*:*",
              "matchCriteriaId": "9966E66B-B3E2-49B0-8CBF-CA3A0458D20E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9003:*:*:*:*:*:*",
              "matchCriteriaId": "834F8534-4226-48A2-B415-995501650618",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9004:*:*:*:*:*:*",
              "matchCriteriaId": "31F1D452-4268-407B-B63B-59FE3EB046ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9005:*:*:*:*:*:*",
              "matchCriteriaId": "94A91595-4BA0-4CD2-BBED-9F42F65C632A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9006:*:*:*:*:*:*",
              "matchCriteriaId": "0E7DAE62-8469-475F-82FE-164C1EDBC0A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9007:*:*:*:*:*:*",
              "matchCriteriaId": "CE512B2F-0834-441E-B7F4-E0E9F0A2DE0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9008:*:*:*:*:*:*",
              "matchCriteriaId": "EE7595D0-856F-494D-8E3A-A02242A8D383",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9009:*:*:*:*:*:*",
              "matchCriteriaId": "91C388D3-2688-4ECB-B0B9-7611F9A52ACD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9201:*:*:*:*:*:*",
              "matchCriteriaId": "E912C9D7-7553-4974-B97C-F4AC2D0B3133",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9203:*:*:*:*:*:*",
              "matchCriteriaId": "6AECEDD6-54EC-4541-939F-0C23F48F6781",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9204:*:*:*:*:*:*",
              "matchCriteriaId": "BBC170CE-1836-41BE-8326-D4F7808D58C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9205:*:*:*:*:*:*",
              "matchCriteriaId": "88C00B27-DE6C-4315-8948-3EB8640F0F10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9206:*:*:*:*:*:*",
              "matchCriteriaId": "811B1869-7E3D-4803-B6CC-F3813CF2D402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9207:*:*:*:*:*:*",
              "matchCriteriaId": "6F13C8B4-2290-4E4E-B3E8-F75A42D0EDE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9208:*:*:*:*:*:*",
              "matchCriteriaId": "071A7E8D-8F02-438A-81BD-EB11D0C286DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9209:*:*:*:*:*:*",
              "matchCriteriaId": "D3138227-61F5-44B9-8F93-AC691789F07F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9210:*:*:*:*:*:*",
              "matchCriteriaId": "9920E9A3-D737-497F-B568-4262726013F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9300:*:*:*:*:*:*",
              "matchCriteriaId": "1CCC051F-DB21-4066-AD6B-DDD26CD2B0D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9301:*:*:*:*:*:*",
              "matchCriteriaId": "E3C50EDF-35AF-4576-AC5D-88E472582B1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9302:*:*:*:*:*:*",
              "matchCriteriaId": "A0D2FEBF-A46E-42CE-92F8-ED8EC314374E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9303:*:*:*:*:*:*",
              "matchCriteriaId": "DDE9FA5E-25BE-4F4B-B29B-D6526F2E4B6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9304:*:*:*:*:*:*",
              "matchCriteriaId": "6A20173C-D413-45E5-A471-1AA72AF909C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9305:*:*:*:*:*:*",
              "matchCriteriaId": "3DCFE06A-801E-46B3-8593-B9F9AA6F0779",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9306:*:*:*:*:*:*",
              "matchCriteriaId": "55117842-D507-445B-8AA4-1C04B9FC68D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9307:*:*:*:*:*:*",
              "matchCriteriaId": "143E3269-0869-40E8-B962-82C036A048AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9308:*:*:*:*:*:*",
              "matchCriteriaId": "DE3A12DA-5B95-4AB4-A616-A7D1DE0D46F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9400:*:*:*:*:*:*",
              "matchCriteriaId": "57DC9260-6C3E-454F-B22E-7BB393867A55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9401:*:*:*:*:*:*",
              "matchCriteriaId": "CAFD4B56-3DC6-497A-8545-BB0B8697657E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9402:*:*:*:*:*:*",
              "matchCriteriaId": "72328DE3-F889-4205-9DAC-270230C5205B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9403:*:*:*:*:*:*",
              "matchCriteriaId": "E2B414B8-83B8-490D-BDEC-C52D8543A49E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9404:*:*:*:*:*:*",
              "matchCriteriaId": "426552F5-7152-428F-82DE-EF8F76FE1335",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9405:*:*:*:*:*:*",
              "matchCriteriaId": "A7EFBD59-AD58-4F04-8373-E6D2885F3288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9406:*:*:*:*:*:*",
              "matchCriteriaId": "33985D13-CE17-46D4-AF6C-B0D367EE3554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9407:*:*:*:*:*:*",
              "matchCriteriaId": "B7DB69E1-FCA2-4BB2-BBF3-5B8F14AA5F93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9408:*:*:*:*:*:*",
              "matchCriteriaId": "00C3A7F0-46E3-4973-8644-7A01FB6BC30C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9409:*:*:*:*:*:*",
              "matchCriteriaId": "355BD39B-6851-4728-883C-CC3D74CD8325",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9410:*:*:*:*:*:*",
              "matchCriteriaId": "8D59A697-4BCD-4287-B9F4-4B2A17DFD9AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9411:*:*:*:*:*:*",
              "matchCriteriaId": "F117B2FB-6C00-4828-B4D8-E20C6B1B3650",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9412:*:*:*:*:*:*",
              "matchCriteriaId": "DDB5F6A9-8BE9-495D-B376-8ED135F5548B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9413:*:*:*:*:*:*",
              "matchCriteriaId": "59AA5B39-2920-43F0-8FF3-F5DC982193D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9414:*:*:*:*:*:*",
              "matchCriteriaId": "E0ACCAFC-6F7C-4308-9400-52F235301E66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9415:*:*:*:*:*:*",
              "matchCriteriaId": "708A8653-F792-45BD-83D9-20EDF059D944",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9416:*:*:*:*:*:*",
              "matchCriteriaId": "41547FE5-7429-41A4-ABB0-1C76EC7E9CC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9417:*:*:*:*:*:*",
              "matchCriteriaId": "7127E8DA-F563-4D75-AAD6-243D91019A23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9418:*:*:*:*:*:*",
              "matchCriteriaId": "246F2D39-E0CB-43CF-867D-2A8792F95230",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9419:*:*:*:*:*:*",
              "matchCriteriaId": "97BC20EC-7D36-4913-999A-5A32C320C97C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9420:*:*:*:*:*:*",
              "matchCriteriaId": "A9214BCD-3538-464B-B2DD-DDB74359B288",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9421:*:*:*:*:*:*",
              "matchCriteriaId": "365B0574-FBE5-41EB-90B5-D6CD5AC636E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9422:*:*:*:*:*:*",
              "matchCriteriaId": "335B549D-4CDA-4656-A802-A3F9FE0AE842",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9423:*:*:*:*:*:*",
              "matchCriteriaId": "0B700DF0-0CD8-4CE1-BAC6-74A7F660E2EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9424:*:*:*:*:*:*",
              "matchCriteriaId": "7B6AE150-E531-41E0-A12F-F638B9969DCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9425:*:*:*:*:*:*",
              "matchCriteriaId": "418F99FE-9BE8-45F2-B8BA-8A633B71370E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9426:*:*:*:*:*:*",
              "matchCriteriaId": "17EC0F67-3CCD-4C72-B092-5DB4B3BB6229",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9427:*:*:*:*:*:*",
              "matchCriteriaId": "71D28BB0-D675-4FF6-8EDD-86281C970411",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732."
    },
    {
      "lang": "es",
      "value": "Zoho ManageEngine ServiceDesk Plus MSP versiones anteriores a 10519 es vulnerable a un bug de Enumeraci\u00f3n de Usuarios debido a la generaci\u00f3n inapropiada de mensajes de error en la funcionalidad Forgot Password, tambi\u00e9n se conoce como SDPMSP-15732"
    }
  ],
  "id": "CVE-2021-31159",
  "lastModified": "2024-11-21T06:05:12.287",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-06-16T13:15:11.890",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/ricardojoserf/CVE-2021-31159"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product"
      ],
      "url": "https://www.manageengine.com"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/products/service-desk-msp/readme.html#10519"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/ricardojoserf/CVE-2021-31159"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product"
      ],
      "url": "https://www.manageengine.com"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://www.manageengine.com/products/service-desk-msp/readme.html#10519"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-209"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2021-31159

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732.

Aliases

CVE-2021-31159

Aliases

CVE-2021-31159

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-31159",
    "description": "Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732.",
    "id": "GSD-2021-31159",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2021-31159"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-31159"
      ],
      "details": "Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732.",
      "id": "GSD-2021-31159",
      "modified": "2023-12-13T01:23:13.677960Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2021-31159",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.manageengine.com",
            "refsource": "MISC",
            "url": "https://www.manageengine.com"
          },
          {
            "name": "https://www.manageengine.com/products/service-desk-msp/readme.html#10519",
            "refsource": "CONFIRM",
            "url": "https://www.manageengine.com/products/service-desk-msp/readme.html#10519"
          },
          {
            "name": "http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html"
          },
          {
            "name": "https://github.com/ricardojoserf/CVE-2021-31159",
            "refsource": "MISC",
            "url": "https://github.com/ricardojoserf/CVE-2021-31159"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "9.4",
                "versionStartIncluding": "8.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10500:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10501:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10502:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10503:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10504:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10505:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10506:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10507:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10508:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10509:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10510:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10511:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10512:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10513:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10514:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10515:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10516:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10517:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:10518:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8000:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8001:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8002:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8003:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8004:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8100:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8101:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8102:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8103:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8104:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8105:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8200:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8201:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8202:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8203:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8204:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8205:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8206:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8207:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8208:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8209:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8210:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8211:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8300:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8301:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8302:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8303:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8304:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8305:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8306:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8307:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8308:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8309:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8310:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8311:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:8312:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9000:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9001:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9002:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9003:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9004:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9005:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9006:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9007:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9008:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9009:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9201:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9203:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9204:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9205:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9206:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9207:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9208:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9209:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9210:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9300:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9301:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9302:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9303:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9304:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9305:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9306:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9307:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9308:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9400:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9401:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9402:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9403:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9404:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9405:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9406:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9407:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9408:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9409:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9410:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9411:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9412:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9413:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9414:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9415:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9416:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9417:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9418:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9419:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9420:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9421:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9422:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9423:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9424:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9425:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9426:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:zohocorp:manageengine_servicedesk_plus_msp:10.5:9427:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-31159"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-209"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.manageengine.com/products/service-desk-msp/readme.html#10519",
              "refsource": "CONFIRM",
              "tags": [
                "Release Notes",
                "Vendor Advisory"
              ],
              "url": "https://www.manageengine.com/products/service-desk-msp/readme.html#10519"
            },
            {
              "name": "https://www.manageengine.com",
              "refsource": "MISC",
              "tags": [
                "Product"
              ],
              "url": "https://www.manageengine.com"
            },
            {
              "name": "http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html"
            },
            {
              "name": "https://github.com/ricardojoserf/CVE-2021-31159",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://github.com/ricardojoserf/CVE-2021-31159"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2021-07-09T12:49Z",
      "publishedDate": "2021-06-16T13:15Z"
    }
  }
}

ghsa-p9qp-995j-9pxx

Vulnerability from github

Published

2022-05-24 19:05

Modified

2022-05-24 19:05

Details

Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-31159"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-209"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-16T13:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732.",
  "id": "GHSA-p9qp-995j-9pxx",
  "modified": "2022-05-24T19:05:31Z",
  "published": "2022-05-24T19:05:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31159"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ricardojoserf/CVE-2021-31159"
    },
    {
      "type": "WEB",
      "url": "https://www.manageengine.com"
    },
    {
      "type": "WEB",
      "url": "https://www.manageengine.com/products/service-desk-msp/readme.html#10519"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/163192/Zoho-ManageEngine-ServiceDesk-Plus-9.4-User-Enumeration.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2021-31159

Vulnerability from cvelistv5

fkie_cve-2021-31159

Vulnerability from fkie_nvd

gsd-2021-31159

Vulnerability from gsd

ghsa-p9qp-995j-9pxx

Vulnerability from github

Tags

Sightings

Nomenclature